At a Glance
- Tasks: Lead the design and optimisation of enterprise-scale security monitoring platforms using Splunk.
- Company: Join Sopra Steria, a leader in digital solutions for National Security.
- Benefits: Competitive salary, car allowance, private healthcare, and generous annual leave.
- Other info: Opportunity for professional development and mentoring in a collaborative culture.
- Why this job: Make a real impact on security while developing your expertise in a supportive environment.
- Qualifications: Experience with Splunk, SIEM engineering, and strong problem-solving skills required.
The predicted salary is between £60,000 and £75,000 per year.
We are looking for an experienced Splunk Engineer to lead the design, deployment and optimisation of enterprise-scale security monitoring platforms. This is a hands-on technical role, suited to someone with strong Splunk Enterprise and Splunk Enterprise Security experience, who can take ownership of platform engineering, data ingestion, detection content and performance tuning across complex client environments. This is a key technical leadership role, responsible for ensuring the right tooling, controls and processes are in place to help protect and monitor our clients' environments.
The opportunity is ideally suited to someone with deep hands-on experience deploying, managing and optimising Splunk Enterprise and Splunk ES in large, complex environments. In return, the role offers the chance to broaden your capability and gain deeper experience in Elastic Security, with support and training available to help build your expertise further. You will work closely with cross-functional teams to assess risk, design effective security controls and define testing requirements. You will champion security by design, promote engineering excellence and act as a trusted advisor to clients, helping them understand their security challenges and implement practical, effective solutions to strengthen their security posture. This is an excellent opportunity to deepen your hands-on cybersecurity expertise while making a meaningful impact across both client and organisational security. You do need to hold active DV Clearance. Office based in Hemel Hempstead.
What you will be doing:
- Lead the deployment, management and optimisation of Splunk Enterprise and Splunk ES platforms in large, complex environments.
- Design, implement and maintain data pipelines, including log ingestion, enrichment and schema standardisation.
- Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts.
- Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes.
- Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible.
- Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and proactive monitoring.
- Provide technical leadership and guidance to internal teams and clients on security monitoring strategy and best practice.
What you will bring:
- Proven experience deploying and managing Splunk at enterprise scale.
- Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning.
- Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise.
- Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures.
- Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential.
- Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments.
- Solid understanding of SIEM platform operations, including clustering, scaling, high availability, disaster recovery and performance optimisation.
- Strong problem-solving skills and a proactive approach to improving security operations.
- An interest in developing expertise in Elastic Security, with support and training available as part of the role.
If you are interested in this role but not sure if your skills and experience are exactly what we are looking for, please do apply. We’d love to hear from you!
Employment Type: Full Time, Permanent
Location: Hemel Hempstead
Security Clearance Level: DV Cleared
Internal Recruiter: Jane
Salary: Competitive, depending on experience
Benefits: £5400 Car Allowance, 25 days annual leave with the option to buy additional days, private health care, life assurance, pension, and generous flexible benefits fund.
Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the clients' goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
Splunk Engineer in Watford employer: Sopra Steria
Sopra Steria is an exceptional employer, offering a dynamic work environment in Hemel Hempstead where you can lead the design and optimisation of enterprise-scale security monitoring platforms. With a strong focus on professional development, employees benefit from comprehensive training opportunities, a supportive culture, and a competitive benefits package including a car allowance and private healthcare, all while making a meaningful impact on national security.
StudySmarter Expert Advice🤫
We think this is how you could land Splunk Engineer in Watford
✨Tip Number 1
Network like a pro! Reach out to your connections in the cybersecurity field, especially those who work with Splunk. Attend meetups or webinars to get your name out there and show off your expertise.
✨Tip Number 2
Showcase your skills! Create a portfolio of your past projects related to Splunk and security monitoring. This can be a game-changer during interviews, as it gives potential employers a tangible look at what you can do.
✨Tip Number 3
Prepare for technical interviews by brushing up on your knowledge of Splunk and SIEM engineering. Be ready to discuss specific challenges you've faced and how you tackled them, especially in complex environments.
✨Tip Number 4
Don’t hesitate to apply through our website! Even if you think you might not tick every box, we want to hear from you. Your unique experience could be just what we’re looking for!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Splunk and any relevant security monitoring platforms. We want to see how your skills align with the role, so don’t be shy about showcasing your achievements!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about this role and how your background makes you the perfect fit. We love hearing personal stories that connect your experience to our mission.
Showcase Your Technical Skills: Be specific about your hands-on experience with Splunk, SIEM engineering, and any automation tools you've used. We’re looking for someone who can hit the ground running, so let us know what you bring to the table!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates from our team!
How to prepare for a job interview at Sopra Steria
✨Know Your Splunk Inside Out
Make sure you brush up on your Splunk Enterprise and Splunk ES knowledge. Be ready to discuss your hands-on experience with deployment, management, and optimisation in large environments. Prepare specific examples of how you've tackled challenges in these areas.
✨Showcase Your Technical Leadership
This role requires strong technical leadership, so be prepared to share instances where you've guided teams or clients through complex security monitoring strategies. Highlight your ability to communicate effectively and act as a trusted advisor.
✨Demonstrate Your Problem-Solving Skills
Expect questions that assess your problem-solving abilities. Think of scenarios where you've had to troubleshoot issues or improve security operations. Use the STAR method (Situation, Task, Action, Result) to structure your responses.
✨Familiarise Yourself with Automation Tools
Since automation is key in this role, make sure you can discuss your experience with CI/CD, SOAR, and Infrastructure as Code tools like Terraform and Ansible. Be ready to explain how you've used these tools to enhance platform performance and stability.